Insider Threat Detection: Using Classification Models

Insider threats refer to cyber-attacks originating from within an organization that can cause significant damage, such as intellectual property theft, sabotage, and sensitive data exposure. Traditional cybersecurity strategies tend to focus on external threats, leaving organizations vulnerable to insider attacks. In this paper, we propose an approach for insider threat classification with various classification models. Aggregated numerical features are generated using the access patterns of the employees of the organization. We used the CERT dataset for training and testing. The proposed method is evaluated with classification models like Logistic Regression, Decision Tree, Random Forest, and Xgboost. The experimental results of the model's performance, measured using evaluation metrics such as accuracy, recall, precision, and F1-Score, demonstrated improved accuracy and performance compared to existing works in terms of high recall, precision, and F1-Score values, and effectively outperformed pre-trained CNN models.

• Publication year

  2023

• Venue

  International Conference on Contemporary Computing

• Publication date

  2023-08-03

• Fields of study

  Computer Science

• Identifiers
  DOI 10.1145/3607947.3608009
• External record

  Open on Semantic Scholar

• Source metadata

  Semantic Scholar

• No claims are published for this paper.

• No concepts are published for this paper.

• A High Accuracy and Adaptive Anomaly Detection Model With Dual-Domain Graph Convolutional Network for Insider Threat Detection

  2023cited by this paper
• Hybrid Deep Learning Model using SPCAGAN Augmentation for Insider Threat Analysis

  2022cited by this paper
• Insider Threat Detection Using Machine Learning Approach

  2022cited by this paper
• SeqA-ITD: User Behavior Sequence Augmentation for Insider Threat Detection at Multiple Time Granularities

  2022cited by this paper
• SITD: Insider Threat Detection Using Siamese Architecture on Imbalanced Data

  2022cited by this paper
• An email content-based insider threat detection model using anomaly detection algorithms

  2021cited by this paper
• ITDBERT: Temporal-semantic Representation for Insider Threat Detection

  2021cited by this paper
• Insider Detection using Deep Autoencoder and Variational Autoencoder Neural Networks

  2021cited by this paper
• Image-based Insider Threat Detection via Geometric Transformation

  2021cited by this paper
• An Integrated Imbalanced Learning and Deep Neural Network Model for Insider Threat Detection

  2021cited by this paper
• New insider threat detection method based on recurrent neural networks

  2020cited by this paper
• DANTE: Predicting Insider Threat using LSTM on system logs

  2020cited by this paper
• Insider Threat Detection using Deep Learning: A Review

  2020cited by this paper
• Handling Insider Threat Through Supervised Machine Learning Techniques

  2020cited by this paper
• Ensemble Strategy for Insider Threat Detection from User Activity Logs

  2020cited by this paper
• Exploring Adversarial Properties of Insider Threat Detection

  2020cited by this paper
• User Behavior Analytics for Anomaly Detection Using LSTM Autoencoder - Insider Threat Detection

  2020cited by this paper
• A Review of Insider Threat Detection Approaches With IoT Perspective

  2020cited by this paper
• Analyzing Data Granularity Levels for Insider Threat Detection Using Machine Learning

  2020cited by this paper
• Machine learning based Insider Threat Modelling and Detection

  2019cited by this paper
• Classifier Suites for Insider Threat Detection

  2019cited by this paper
• A Trust Aware Unsupervised Learning Approach for Insider Threat Detection

  2019cited by this paper
• Image-Based Feature Representation for Insider Threat Classification

  2019cited by this paper
• SoK: A Systematic Review of Insider Threat Detection

  2019cited by this paper
• Embedding Learning with Heterogeneous Event Sequence for Insider Threat Detection

  2019cited by this paper
• Benchmarking evolutionary computation approaches to insider threat detection

  2018cited by this paper
• Insider Threat Detection with Deep Neural Network

  2018cited by this paper
• Detecting Potential Insider Threat: Analyzing Insiders' Sentiment Exposed in Social Media

  2018cited by this paper
• Prediction of human error using eye movements patterns for unintentional insider threat detection

  2018cited by this paper
• Detecting and Preventing Cyber Insider Threats: A Survey

  2018cited by this paper
• Distance Measurement Methods for Improved Insider Threat Detection

  2018cited by this paper
• Evaluating Insider Threat Detection Workflow Using Supervised and Unsupervised Learning

  2018cited by this paper
• Deep Learning Based Attribute Classification Insider Threat Detection for Data Security

  2018cited by this paper
• Deep Learning for Unsupervised Insider Threat Detection in Structured Cybersecurity Data Streams

  2017cited by this paper
• Carnegie Mellon University's CERT Dataset Analysis and Suggestions

  2017cited by this paper
• Predict insider threats using human behaviors

  2017cited by this paper
• Insider Threat Detection Based on Deep Belief Network Feature Representation

  2017cited by this paper
• Process monitoring on sequences of system call count vectors

  2017cited by this paper
• De-constructing the case studies

  2016cited by this paper
• A New Take on Detecting Insider Threats: Exploring the Use of Hidden Markov Models

  2016cited by this paper
• Insider Threat Detection Using Log Analysis and Event Correlation

  2015cited by this paper
• Convolutional neural network-based image representation for visual loop closure detection

  2015cited by this paper
• Behavioral Analysis of Insider Threat: A Survey and Bootstrapped Prediction in Imbalanced Data

  2014cited by this paper
• Understanding Insider Threat: A Framework for Characterising Attacks

  2014cited by this paper
• Research of Insider Threat Based on Bayesian Learning Theory

  2011cited by this paper
• Intrusion Investigations with Data-Hiding for Computer Log-File Forensics

  2010cited by this paper
• Insider Threat Detection Using a Graph-Based Approach

  2010cited by this paper
• Object Bank: A High-Level Image Representation for Scene Classification & Semantic Feature Sparsification

  2010cited by this paper
• Image Representation Using 2D Gabor Wavelets

  1996cited by this paper
• Image Representations for Visual Learning

  1996cited by this paper

• Mitigating Insider Threat: A Neural Network Approach for Enhanced Security

  2024cites this paper
• Insider Detection Using Combination of Machine Learning and Expert Policies

  2024cites this paper
• PRACTICAL SUPERVISED MACHINE LEARNING CLASSIFICATION OF HIGHLY IMBALANCED TEXT

  year unknowncites this paper